svn commit: r467843 - head/security/vuxml
Jochen Neumeister
joneum at FreeBSD.org
Fri Apr 20 20:50:37 UTC 2018
Author: joneum
Date: Fri Apr 20 20:50:36 2018
New Revision: 467843
URL: https://svnweb.freebsd.org/changeset/ports/467843
Log:
Document wordpress issues
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Fri Apr 20 20:27:31 2018 (r467842)
+++ head/security/vuxml/vuln.xml Fri Apr 20 20:50:36 2018 (r467843)
@@ -58,6 +58,41 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="be38245e-44d9-11e8-a292-00e04c1ea73d">
+ <topic>wordpress -- multiple issues</topic>
+ <affects>
+ <package>
+ <name>wordpress</name>
+ <name>fr-wordpress</name>
+ <range><lt>4.9.5,1</lt></range>
+ </package>
+ <package>
+ <name>de-wordpress</name>
+ <name>zh_CN-wordpress</name>
+ <name>zh_TW-wordpress</name>
+ <name>ja-wordpress</name>
+ <range><lt>4.9.5</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>wordpress developers reports:</p>
+ <blockquote cite="https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/">
+ <p>Don't treat localhost as same host by default.</p>
+ <p>Use safe redirects when redirecting the login page if SSL is forced.</p>
+ <p>Make sure the version string is correctly escaped for use in generator tags.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://wordpress.org/news/2018/04/wordpress-4-9-5-security-and-maintenance-release/</url>
+ </references>
+ <dates>
+ <discovery>2018-04-03</discovery>
+ <entry>2018-04-20</entry>
+ </dates>
+ </vuln>
+
<vuln vid="ac7da39b-4405-11e8-afbe-6805ca0b3d42">
<topic>phpmyadmin -- CSRF vulnerability allowing arbitrary SQL execution</topic>
<affects>
More information about the svn-ports-head
mailing list